From 9cb002c8560b21cbc22898214e50f0a3a68bbd5d Mon Sep 17 00:00:00 2001 From: giles Date: Thu, 28 May 2026 02:32:06 +0000 Subject: [PATCH] =?UTF-8?q?fed-sx-m1:=20Step=206a=20=E2=80=94=20pipeline:r?= =?UTF-8?q?un=5Fstages=20driver=20+=20validate=5Finbound/outbound=20+=2010?= =?UTF-8?q?=20tests?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- next/kernel/pipeline.erl | 37 ++++++++++++ next/tests/pipeline_driver.sh | 110 ++++++++++++++++++++++++++++++++++ plans/fed-sx-milestone-1.md | 8 +++ 3 files changed, 155 insertions(+) create mode 100644 next/kernel/pipeline.erl create mode 100755 next/tests/pipeline_driver.sh diff --git a/next/kernel/pipeline.erl b/next/kernel/pipeline.erl new file mode 100644 index 00000000..1e8e252b --- /dev/null +++ b/next/kernel/pipeline.erl @@ -0,0 +1,37 @@ +-module(pipeline). +-export([run_stages/2, + validate_inbound/1, validate_outbound/1, + inbound_stages/0, outbound_stages/0]). + +%% Validation pipeline per design §14. +%% +%% A stage is a 1-arity fun `(Activity) -> ok | {error, Reason}`. +%% The driver folds the activity through the stage list, halting +%% on the first error. The pure-functional driver itself takes a +%% stage list directly so tests can inject ad-hoc stage sequences +%% without depending on the bundled inbound/outbound lists. +%% +%% Inbound pipeline (full set per design §14): envelope, signature, +%% replay, audience, activity_schema, object_schema, content_validators, +%% capabilities, trust. Outbound is a subset (no replay, no trust; +%% auth handled at the HTTP layer). +%% +%% This sub-deliverable (6a) wires only the driver and the empty +%% stage lists. Concrete stages land in 6b-6c. + +run_stages(_Activity, []) -> ok; +run_stages(Activity, [Stage | Rest]) -> + Result = Stage(Activity), + case Result of + ok -> run_stages(Activity, Rest); + {error, _} -> Result + end. + +validate_inbound(Activity) -> + run_stages(Activity, inbound_stages()). + +validate_outbound(Activity) -> + run_stages(Activity, outbound_stages()). + +inbound_stages() -> []. +outbound_stages() -> []. diff --git a/next/tests/pipeline_driver.sh b/next/tests/pipeline_driver.sh new file mode 100755 index 00000000..93151293 --- /dev/null +++ b/next/tests/pipeline_driver.sh @@ -0,0 +1,110 @@ +#!/usr/bin/env bash +# next/tests/pipeline_driver.sh — Step 6a acceptance test. +# +# Exercises the pipeline driver: pipeline:run_stages/2, +# validate_inbound/1, validate_outbound/1, inbound_stages/0, +# outbound_stages/0. Concrete stages land in 6b+. 10 cases. + +set -uo pipefail +cd "$(git rev-parse --show-toplevel)" + +SX_SERVER="${SX_SERVER:-hosts/ocaml/_build/default/bin/sx_server.exe}" +if [ ! -x "$SX_SERVER" ]; then + SX_SERVER="/root/rose-ash/hosts/ocaml/_build/default/bin/sx_server.exe" +fi +if [ ! -x "$SX_SERVER" ]; then + echo "ERROR: sx_server.exe not found." >&2 + exit 1 +fi + +VERBOSE="${1:-}" +PASS=0; FAIL=0; ERRORS="" +TMPFILE=$(mktemp); trap "rm -f $TMPFILE" EXIT + +cat > "$TMPFILE" <<'EPOCHS' +(epoch 1) +(load "lib/erlang/tokenizer.sx") +(load "lib/erlang/parser.sx") +(load "lib/erlang/parser-core.sx") +(load "lib/erlang/parser-expr.sx") +(load "lib/erlang/parser-module.sx") +(load "lib/erlang/transpile.sx") +(load "lib/erlang/runtime.sx") +(load "lib/erlang/vm/dispatcher.sx") + +(epoch 2) +(eval "(get (erlang-load-module (file-read \"next/kernel/pipeline.erl\")) :name)") + +;; Empty stage list returns ok +(epoch 10) +(eval "(get (erlang-eval-ast \"pipeline:run_stages(anything, []) =:= ok\") :name)") + +;; All-ok stages return ok +(epoch 11) +(eval "(get (erlang-eval-ast \"pipeline:run_stages(anything, [fun (_) -> ok end, fun (_) -> ok end, fun (_) -> ok end]) =:= ok\") :name)") + +;; First failing stage halts; later stages do not run +(epoch 12) +(eval "(get (erlang-eval-ast \"pipeline:run_stages(anything, [fun (_) -> ok end, fun (_) -> {error, halt_here} end, fun (_) -> {error, after_halt} end]) =:= {error, halt_here}\") :name)") + +;; Single failing stage returns its error +(epoch 13) +(eval "(get (erlang-eval-ast \"pipeline:run_stages(anything, [fun (_) -> {error, bad} end]) =:= {error, bad}\") :name)") + +;; Stage receives the activity verbatim +(epoch 14) +(eval "(get (erlang-eval-ast \"pipeline:run_stages(my_act, [fun (A) -> case A of my_act -> ok; _ -> {error, wrong_arg} end end]) =:= ok\") :name)") + +;; Empty inbound_stages / outbound_stages lists +(epoch 15) +(eval "(get (erlang-eval-ast \"pipeline:inbound_stages() =:= []\") :name)") +(epoch 16) +(eval "(get (erlang-eval-ast \"pipeline:outbound_stages() =:= []\") :name)") + +;; Wrappers delegate to run_stages with the right list (empty => ok) +(epoch 17) +(eval "(get (erlang-eval-ast \"pipeline:validate_inbound(anything) =:= ok\") :name)") +(epoch 18) +(eval "(get (erlang-eval-ast \"pipeline:validate_outbound(anything) =:= ok\") :name)") +EPOCHS + +OUTPUT=$(timeout 120 "$SX_SERVER" < "$TMPFILE" 2>/dev/null) + +check() { + local epoch="$1" desc="$2" expected="$3" + local actual + actual=$(echo "$OUTPUT" | awk -v e="$epoch" ' + $0 ~ "^\\(ok-len " e " " { getline; print; exit } + $0 ~ "^\\(ok " e " " { print; exit } + $0 ~ "^\\(error " e " " { print; exit } + ') + [ -z "$actual" ] && actual="" + if echo "$actual" | grep -qF -- "$expected"; then + PASS=$((PASS+1)) + [ "$VERBOSE" = "-v" ] && echo " ok $desc" + else + FAIL=$((FAIL+1)) + ERRORS+=" FAIL [$desc] (epoch $epoch) expected: $expected | actual: $actual +" + fi +} + +check 2 "module load name" "pipeline" +check 10 "empty stage list -> ok" "true" +check 11 "all-ok stages -> ok" "true" +check 12 "first failure halts pipeline" "true" +check 13 "single failing stage" "true" +check 14 "stage receives activity verbatim" "true" +check 15 "inbound_stages = []" "true" +check 16 "outbound_stages = []" "true" +check 17 "validate_inbound = ok (empty)" "true" +check 18 "validate_outbound = ok (empty)" "true" + +TOTAL=$((PASS+FAIL)) +if [ $FAIL -eq 0 ]; then + echo "ok $PASS/$TOTAL next/tests/pipeline_driver.sh passed" +else + echo "FAIL $PASS/$TOTAL passed, $FAIL failed:" + echo "$ERRORS" +fi +[ $FAIL -eq 0 ] diff --git a/plans/fed-sx-milestone-1.md b/plans/fed-sx-milestone-1.md index 90b1f950..bb7f46a2 100644 --- a/plans/fed-sx-milestone-1.md +++ b/plans/fed-sx-milestone-1.md @@ -385,6 +385,13 @@ projection fold maintains it.) ## Step 6 — Validation pipeline + POST /activity +**Sub-deliverables:** +- [x] **6a** — `pipeline:run_stages/2` driver — pure fold over a stage list of `(Activity) -> ok | {error, R}` funs, halts on first failure. `validate_inbound/1` + `validate_outbound/1` + `inbound_stages/0` + `outbound_stages/0` (empty lists for now). `next/tests/pipeline_driver.sh` (10 cases). +- [ ] **6b** — Stage modules calling existing envelope module: `stage_envelope/1` (validate_shape), `stage_signature/1` (needs actor-state lookup — accept any signed proxy for v1) +- [ ] **6c** — `stage_replay/1` (checks the log for existing activity id), `stage_activity_schema/1` (registry lookup + schema body eval is deferred — placeholder) +- [ ] **6d** — `outbox:publish/2`: envelope construction, sign, validate_outbound, log:append, returns `{ok, #{cid, ap_id}}` +- [ ] **6e** — HTTP handler for POST /activity glue (depends on Step 8 http server) + **Deliverables:** ```erlang @@ -961,6 +968,7 @@ A few things still under-specified; resolve as work begins. Newest first. One line per sub-deliverable commit. Erlang conformance gate (`bash lib/erlang/conformance.sh`) must remain 729/729 on every entry. +- **2026-05-28** — Step 6a: `next/kernel/pipeline.erl` — validation pipeline driver per design §14. `run_stages/2` is a pure fold over `(Activity) -> ok | {error, R}` funs, halting on first failure. Halt verified by inserting a post-error stage that would set a contradictory tag if it ran. `validate_inbound/1` + `validate_outbound/1` wrappers; concrete stage lists are empty (6b wires `stage_envelope`/`stage_signature`). Port quirk: `Pattern = Var` match-alias syntax unsupported — split into separate `Result = X, case Result of ...`. `next/tests/pipeline_driver.sh` 10/10. Step 6 broken into 6a–6e on the plan. Erlang conformance 729/729. - **2026-05-28** — Step 5b: `registry.erl` extended with gen_server callbacks + named-process API. `start_link/0` spawns the worker, registers it under the literal `registry` atom, returns the Pid (port returns raw Pid not `{ok, Pid}` — diverges from OTP). 3-arity `register`, 2-arity `lookup`, 1-arity `list` delegate to the pure /4 and /3 functions inside handle_call. Port note documented: `?MODULE` macro unsupported; tests must inline start_link with operations since spawned processes don't persist across separate `erlang-eval-ast` calls. `next/tests/registry_server.sh` 12/12. Erlang conformance 729/729. - **2026-05-28** — Step 4e: `bootstrap:load_genesis/1` + `strip_sx_suffix/1` in `next/kernel/bootstrap.erl`. Walks `read_genesis` output and threads each entry through `registry:register/4`, using the section atom as the kind and the filename-minus-`.sx` as the entry name. Per-kind counts match the seven bootstrap sections exactly (3/10/7/3/3/2/3 = 31 entries total). `next/tests/bootstrap_load.sh` 15/15. Determinism verified by comparing `cid:to_string` of the loaded state across calls (faster than deep-equality on the nested-binary state). Step 4 is now complete end-to-end except for SX-source parsing of the loaded entries. Erlang conformance 729/729. - **2026-05-28** — Step 5a: `next/kernel/registry.erl` — pure-functional registry. State is `[{Kind, [{Name, Entry}, ...]}, ...]` keyed by the same seven section atoms as Step 4c (activity_types, object_types, projections, validators, codecs, sig_suites, audience). API: `new/0`, `kinds/0`, `register/4`, `lookup/3`, `list/2`. Unknown kinds rejected with `{error, unknown_kind}`; missing names return `not_found`; re-registering the same name overrides without growing the list. `next/tests/registry_pure.sh` 14/14. Step 5 broken into 5a–5d on the plan. Erlang conformance 729/729.